Asahi Cyberattack is the Problem of Every Business

このページを日本語で読む

A cyberattack carried out at the end of September continues to disrupt operations at Asahi Group Holdings, the major food and beverage company that produces Japan's bestselling beer.

The hacker attack caused a systems failure, making it impossible to process orders and deliveries. Asahi was forced to temporarily suspend operations at its domestic factories. Stores have run out of their stocks of some Asahi products. Meanwhile, the planned release of new products has also been postponed.

More than two weeks have passed since the September 29 cyberattack. However, it still remains unclear when Asashi's system will enjoy a full recovery.

The company has announced that the cause of the system failure was a cyberattack using ransomware. In other words, a computer virus that demands a ransom to restore operations. A Russian hacker group has posted a statement claiming responsibility for the attack on the "dark web."

Asahi Group Holdings logo.

Hopefully, Asahi will cooperate with the government, investigative authorities and security professionals and make every effort to ensure a speedy recovery of its operations.

How Ransomware Attacks Unfold

Ransomware encrypts data stored on servers belonging to companies or other entities and steals it. Its actions render the system unusable. According to the National Police Agency, the number of reported cases of ransomware cyberattacks from January to June 2025 reached 116. It is the highest number ever for a half-year period.

Small and medium-sized enterprises that cannot afford to spend money on countermeasures are often targeted. But recent victims have also included a number of large corporations like Asahi.

For instance, HOYA, a major lens manufacturer, experienced a system shutdown in March 2024. It lasted for more than three weeks, resulting in the suspension of sales of some eyeglasses.

The major publishing company KADOKAWA was likewise attacked in June 2024. It was forced to suspend its video streaming service, Niconico Video.

Proactive Protection

A law related to "active cyber defense," which aims to preemptively neutralize cyberattacks before they can cause damage, was partially enacted in July. However, it only applies to core infrastructure.

Corporate executives should not think of the damage inflicted on Asahi as someone else's problem. If an attack occurs, it could disrupt their business operations for a lengthy period of time. For that reason, managers should recognize protection against cyberattacks as a critical issue demanding priority attention. They should without delay conduct inspections of their own systems and take necessary countermeasures to deal with any hacker threat.

These countermeasures should of course be designed to prevent intrusion from outside the company's own systems. Likewise, companies' ability to immediately detect intrusions is equally important.

All companies and institutions should formulate a business continuity plan in the event damage is incurred.